Position: IT Risk Analyst and Control Tester
Location: Remote
Duration: 12+ Months Contract
JD:
Webster Technology Risk Strategic Initiatives
- Contribute to and may take a project leadership role for key initiatives supporting first line risk programs.
Information Risk and Control Framework
- Assist in the design, implementation, and execution of the Risk Management framework processes within Webster Technology.
- In collaboration with IT process owners, lead the day-to-day activities supporting identification of material risks associated with Webster Technology activities.
- Consult and guide technology and process owners with the establishment of necessary operating procedures and technical standards to mitigate these risks and comply with policies and standards.
- Assist in assessing control design, self-assessment processes (RCSA), control testing, and identifying KPIs and KRIs. Support the maintenance of the overall Webster Technology process taxonomy.
- Participate in the integration with the selected CIO Group GRC platform as needed.
- Take a leading role in increasing risk awareness throughout the organization.
Information Risk Aggregation and Reporting
- Contribute to the implementation and execution of integrated and automated Webster Technology risk reporting processes to enable firm-wide aggregation of material risks, issues, KRIs and other data as may be required. Contribute to the development of reports through appropriate committees.
Regulatory (Including Sarbanes Oxley (SOX))
- In collaboration with the second line, monitor for new regulatory guidance associated with Webster Technology activities.
- In collaboration with the second line, monitor for new activities, processes or technologies and assess potential risk impact.
- Support regulatory exams in Webster Technology. Ensure process owners maintain appropriate documentation such that Webster Technology is always exam ready.
- Collaborate with enterprise risk management and legal to document management responses to regulatory exam findings.
- Design and execute control testing programs to support compliance efforts as assigned.
General Requirements
- Able to develop the ability to plainly describe risk concepts to first line operational personnel.
- Synthesize complex and potentially conflicting data into simple, actionable reporting.
- Develop familiarity with technology, to support learning emerging technologies and how regulatory requirements may evolve.
- Strong written and verbal communication skills -- ability to collaborate and communicate up/down and across the organization with internal/external partners.
- Ability to resolve conflicting opinions without compromising high quality risk management.
- 10+ years of experience in Risk, Audit or Security functions, preferably in technology and in a banking environment.
- CISA, or other auditing or risk management certification is desired. Ability and desire to obtain relevant certification(s) strongly preferred.
Job Type: Contract
Salary: $60.00 per hour
Expected hours: 40 per week
Experience level:
- 10 years
Schedule:
- 8 hour shift
Experience:
- SOX: 6 years (Preferred)
- Control Testing: 6 years (Preferred)
- Risk management: 10 years (Preferred)
- Compliance management: 10 years (Preferred)
Work Location: Remote